On Sun, 15 Apr 2007, [EMAIL PROTECTED] wrote:
> Greetings:
>
> After upgrading from 3.9 to 4.0 and applying patches on my test
> machine, I upgraded my production machine. On it, all patches applied
> successfully except the 002_openssl.patch, for which the `make`
> failed. The patch applied cleanly and I've checked that the output of
> `make obj`, `make depend` and `make includes` is identical for the two
> machines. But here is the output of `make` on the second machine:
>
> ===> crypto
> cc -O2 -pipe -g -DL_ENDIAN -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_IDEA
> -DTERMIOS -DANSI_SOURCE -DNO_ERR -DOPENSSL_NO_ASM -DOPENSSL_NO_RC5
> -DOPENSSL_NO_KRB5 -DOPENSSL_NO_MDC2 -DNO_WINDOWS_BRAINDEATH
> -DOPENSSL_NO_HW_CSWIFT -DOPENSSL_NO_HW_NCIPHER -DOPENSSL_NO_HW_ATALLA
> -DOPENSSL_NO_HW_NURON -DOPENSSL_NO_HW_UBSEC -DOPENSSL_NO_HW_AEP
> -DOPENSSL_NO_HW_SUREWARE -DOPENSSL_NO_HW_4758_CCA
> -I/usr/src/lib/libssl/crypto/../src
> -I/usr/src/lib/libssl/crypto/../src/crypto
> -I/usr/src/lib/libssl/crypto/obj -DAES_ASM -DMD5_ASM -DSHA1_ASM
> -DRMD160_ASM -DOPENBSD_CAST_ASM
> -DOPENBSD_DES_ASM -c /usr/src/lib/libssl/src/crypto/rsa/rsa_eay.c -o
> rsa_eay.o
>
> cc -O2 -pipe -g -DL_ENDIAN -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_IDEA
> -DTERMIOS -DANSI_SOURCE -DNO_ERR -DOPENSSL_NO_ASM -DOPENSSL_NO_RC5
> -DOPENSSL_NO_KRB5 -DOPENSSL_NO_MDC2 -DNO_WINDOWS_BRAINDEATH
> -DOPENSSL_NO_HW_CSWIFT -DOPENSSL_NO_HW_NCIPHER -DOPENSSL_NO_HW_ATALLA
> -DOPENSSL_NO_HW_NURON -DOPENSSL_NO_HW_UBSEC -DOPENSSL_NO_HW_AEP
> -DOPENSSL_NO_HW_SUREWARE -DOPENSSL_NO_HW_4758_CCA
> -I/usr/src/lib/libssl/crypto/../src
> -I/usr/src/lib/libssl/crypto/../src/crypto
> -I/usr/src/lib/libssl/crypto/obj -DAES_ASM -DMD5_ASM -DSHA1_ASM
> -DRMD160_ASM -DOPENBSD_CAST_ASM
> -DOPENBSD_DES_ASM -c /usr/src/lib/libssl/src/crypto/rsa/rsa_err.c -o
> rsa_err.o
>
> cc -O2 -pipe -g -DL_ENDIAN -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_IDEA
> -DTERMIOS -DANSI_SOURCE -DNO_ERR -DOPENSSL_NO_ASM -DOPENSSL_NO_RC5
> -DOPENSSL_NO_KRB5 -DOPENSSL_NO_MDC2 -DNO_WINDOWS_BRAINDEATH
> -DOPENSSL_NO_HW_CSWIFT -DOPENSSL_NO_HW_NCIPHER -DOPENSSL_NO_HW_ATALLA
> -DOPENSSL_NO_HW_NURON -DOPENSSL_NO_HW_UBSEC -DOPENSSL_NO_HW_AEP
> -DOPENSSL_NO_HW_SUREWARE -DOPENSSL_NO_HW_4758_CCA
> -I/usr/src/lib/libssl/crypto/../src
> -I/usr/src/lib/libssl/crypto/../src/crypto
> -I/usr/src/lib/libssl/crypto/obj -DAES_ASM -DMD5_ASM -DSHA1_ASM
> -DRMD160_ASM -DOPENBSD_CAST_ASM
> -DOPENBSD_DES_ASM -c /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c
> -o rsa_x931.o
>
> /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c: In function
> `RSA_X931_hash_id':
>
> /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c:165: error: `NID_sha256'
> undeclared (first use in this function)
>
> /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c:165: error: (Each
> undeclared identifier is reported only once
>
> /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c:165: error: for each
> function it appears in.)
>
> /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c:168: error: `NID_sha384'
> undeclared (first use in this function)
>
> /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c:171: error: `NID_sha512'
> undeclared (first use in this function)
> *** Error code 1
>
> Stop in /usr/src/lib/libssl/crypto.
> *** Error code 1
>
> Stop in /usr/src/lib/libssl.
>
The required symbols are in /usr/include/openssl/obj_mac.h
That file should have been included in rsa_x931.c implicitly,
when rsa_x931.c included /usr/include/openssl/objects.h
I believe your copy of rsa_x931.c must be corrupt.
This is from my source archive (OPENBSD_4) i.e. "stable":
[EMAIL PROTECTED] lib 0:18]# sha1 libssl/src/crypto/rsa/rsa_x931.c
SHA1 (libssl/src/crypto/rsa/rsa_x931.c) =
33a25cba2f3e0413bb2581d1ef89bb22cd7a2771
[EMAIL PROTECTED] lib 0:19]# wc libssl/src/crypto/rsa/rsa_x931.c
177 677 4665 libssl/src/crypto/rsa/rsa_x931.c
My advice is to rm rsa_x931.c and to get a fresh copy by CVS.
# cd /usr/src/lib/libssl/src/crypto/rsa
# mv rsa_x931.c rsa_x931.bogus.c
# cvs up -Pd
## then:
# diff -u rsa_x931.bogus.c rsa_x931.c # and tell us the difference
Assuming, of course, that you're set up for CVS.
You can also get the file from the web with
http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/src/crypto/rsa/rsa_x931.c?only_with_tag=OPENBSD_4_0
I have looked at the patch, and it doesn't seem to patch rsa_x931.c,
but does it may ultimately alter file openssl/rsa.h, which is
included by rsa_x931.c.
I use cvs on the whole tree, which eliminates a lot of these sorts
of problems, but I understand the need to patch and recompile little
parts. There is sometimes a chicken-and-egg problem with patches.
The cvsweb site mentioned can be used to check various files on
your machine against the present OPENBSD_4 tag.
This post delayed at least three hours due to spamd. :-(
This post now delayed nine hours due to spamd.
Dave
_______________________________________________
Openbsd-newbies mailing list
[email protected]
http://mailman.theapt.org/listinfo/openbsd-newbies
